A majority of life today revolves around the internet. Many people are connected to the internet for a vast majority of the day, whether it is being used for work or business purposes, to keep in touch with family or friends or to stay up to date with world affairs, the stock market, or social media. In addition to being constantly connected, essentially all our personal and professional documents are stored on a computer or in the cloud. Since a majority of information is stored in this manner, there are many potential threats which include the risk of stolen data, loss of privacy, identity theft and device infected malware. As threats of cyberattacks on any network increases, the need for advanced cybersecurity practices is constantly growing. 

During the recent Pinnacle University event, I discussed the growing challenges of the cybersecurity industry in today’s evolving technological world. The importance of advanced measures and practices and how actuarial modeling techniques can be applied to the cybersecurity industry were also discussed. 

My presentation mainly focused on the different actuarial modeling techniques that can be used for cybersecurity practices as threat detection and/or avoidance. One such technique is predictive analytics, which is the analysis of historical information to predict future events. In relation to cybersecurity applications, predictive analytics can be used to help determine the probability of attacks against organizations and to set up defenses before cybercriminals can penetrate an organizations’ security network. This can be done by gathering data about malware, data breaches, phishing campaigns and extracting the relevant data into signatures—the digital fingerprint of an attack. These signatures can then be compared to network traffic and emails within an organizations’ network to detect any potential threats in their system. However, there are some drawbacks with using predictive analytics methods for cybersecurity practices; most notably, the variety and volume of data is overwhelming and thus requires a substantial amount of computing power, storage and memory. 

Artificial intelligence (AI), the science of making machines perform human tasks, can also be used for cybersecurity tasks. Robots have the potential to help defend against incoming attacks. An advantage of using robots for cybersecurity applications is they can constantly be working. Timing is very important with malware and other data manipulations. If a virus could be fought the second it began downloading, there would be a much better chance of defending against the attack, minimizing the amount of damage done and reducing repair costs of the damage to the organizations’ internal network. 

Machine learning is an approach to AI that uses a system capable of learning from experience and can recognize patterns by using examples rather than by programming them. Machine learning cuts down the time it takes to detect a cyberattack and can process greater amounts of data. Various machine learning methods can be applied to cybersecurity tasks depending on the objective. Fraud detection can use a regression machine learning method, identifying variables that indicate a high probability of fraudulent actions. A spam filter, an example of a classification method, separates spam from other messages and was one of the first machine learning approaches applied to cybersecurity tasks. Unsupervised machine learning methods like clustering, dimensionality reduction and the association rule are all useful for making large datasets easier to analyze and understand, but these methods are limited when it comes to identifying anomalies of an attack. Supervised learning methods like classification and regression are helpful in finding anomalies of an attack and helping to prevent or stop cyberattacks.

Since cyber risk is constantly evolving, models developed a couple years ago are now outdated and ineffective. Cybercriminals are becoming more sophisticated as well. Predictive analytics and machine learning can be used to help identify and prevent cyberattacks, but this technology is also available to criminals. They can use machine learning to automate the selection of victims most vulnerable or to find weak points of a cyber defense system. They can also develop new technologies to bypass security software. Cybercriminals are able to create unique signatures for each attack which would allow them to penetrate a security system, since that system has yet to see that type of attack before. These advances are making it harder to develop adequate methods and programs to prevent cyberattacks. 

As technology continues to advance, the cybersecurity industry will continue to face new challenges. As these new challenges come to light, modeling techniques will become increasingly important to be able to detect and defend against cyberattacks. The need for these techniques to be effective as time goes on will be an important factor in fighting cybercrime.   

Amanda Conklin is an Actuarial Analyst 2 with Pinnacle Actuarial Resources, Inc. in the Bloomington, Illinois office. She holds a Bachelor of Science degree in Actuarial Science from Illinois State University. Amanda has experience in assignments involving Loss Reserving, Loss Cost Projections and Group Captives. She is actively pursuing membership in the Casualty Actuarial Society (CAS) through the examination process.